Providing a split-configuration virtual private network

ABSTRACT

A method associated with a split-configuration virtual private network (VPN), the method including receiving, by a VPN server from a user device prior to establishment of a VPN connection between the VPN server and the user device, an initiation request to establish the VPN connection, the initiation request including remote content information indicating remote content that is to be requested by the user device after the VPN connection is established, the remote content being unavailable in a geographic location of the user device; and configuring, by the VPN server based at least in part on the remote content information, domain name services (DNS) settings associated with the VPN connection to associate the VPN connection with a remote DNS server that is capable of enabling the VPN server to obtain the remote content after establishment of the VPN connection is disclosed. Various other aspects are contemplated.

CROSS REFERENCE

This application is a continuation of U.S. Non-Provisional patentapplication Ser. No. 17/392,631, filed on Aug. 3, 2021, and titled“Providing a Split-Configuration Virtual Private Network,” the entirecontents of which are incorporated herein by reference.

FIELD OF DISCLOSURE

Aspects of the present disclosure generally relate to a virtual privatenetwork (VPN), and more particularly to providing a split-configurationVPN.

BACKGROUND

Global Internet users increasingly rely on VPN services to preservetheir privacy, to circumvent censorship, and/or to access geo-filteredcontent. Originally developed as a technology to privately send andreceive data across public networks, VPNs are now used broadly as aprivacy-preserving technology that allows Internet users to obscure notonly the communicated data but also personal information such as, forexample, web browsing history from third parties including Internetservice providers (ISPs), Spywares, or the like. A VPN service providermay offer a secure private networking environment within a publiclyshared, insecure infrastructure through encapsulation and encryption ofthe data communicated between a VPN client application (or VPNapplication) installed on a user device and a remote VPN server.

Most VPN providers rely on a tunneling protocol to create the secureprivate networking environment, which adds a layer of security toprotect each IP packet of the communicated data during communicationover the Internet. Tunneling may be associated with enclosing an entireIP packet within an outer IP packet to form an encapsulated IP packet,and transporting the enclosed IP packet over the Internet. The outer IPpacket may protect contents of the enclosed IP packet from public viewby ensuring that the enclosed IP packet is transmitted over the Internetwithin a virtual tunnel. Such a virtual tunnel may be a point-to-pointtunnel established between the user device and the VPN server. Theprocess of enclosing the entire IP packet within the outer IP packet maybe referred to as encapsulation. Computers, servers, or other networkdevices at ends of the virtual tunnel may be referred to as tunnelinterfaces and may be capable of encapsulating outgoing IP packets andof unwrapping incoming encapsulated IP packets.

Encryption may be associated with changing the data from being in atransparently readable format to being in an encoded, unreadable formatwith help of an encryption algorithm. Decryption may be associated withchanging the data from being in the encoded, unreadable format to beingin the transparently readable format with help of a decryptionalgorithm. In an example, encoded/encrypted data may bedecoded/decrypted with only a correct decryption key. In a VPN,encryption may render the communicated data unreadable or indecipherableto any third party. At a basic level, when the user launches theinstalled VPN application and connects to the VPN server, the VPNapplication may encrypt all contents of the data before transmissionover the Internet to the VPN server. Upon receipt, the VPN server maydecrypt the encrypted data and forward the decrypted data to an intendedtarget via the Internet. Similarly, the VPN server may encrypt allcontents of the data before transmission over the Internet to the userdevice. Upon receipt, the VPN application on the user device may decryptthe encrypted data and provide the decrypted data to the user.

VPNs generally use different types of encryption and decryptionalgorithms to encrypt and decrypt the communicated data. Symmetricencryption may utilize encryption and decryption algorithms that rely ona single private key for encryption and decryption of data. Symmetricencryption is considered to be relatively speedy. One example of anencryption and decryption algorithm utilized by symmetric encryption maybe an AES encryption cipher. Asymmetric encryption, on the other hand,may utilize encryption and decryption algorithms that rely on twoseparate but mathematically-related keys for encryption and decryptionof data. In one example, data encrypted using a public key may bedecrypted using a separate but mathematically-related private key. Thepublic key may be publicly available through a directory, while theprivate key may remain confidential and accessible by only an owner ofthe private key. Asymmetric encryption may also be referred to as publickey cryptography. One example of an encryption and decryption algorithmutilized by asymmetric encryption may be Rivest-Shamir-Adleman (RSA)protocol.

In a VPN, keys for encryption and decryption may be randomly generatedstrings of bits. Each key may be generated to be unique. A length of anencryption key may be given by a number of the randomly generated stringbits, and the longer the length of the encryption key, the stronger isthe encryption.

VPNs may employ user authentication, which may involve verification ofcredentials required to confirm authenticity/identity of the user. Forinstance, when a user launches the VPN application to request a VPNconnection, the VPN service provider may authenticate the user deviceprior to providing the user device with access to VPN services. In thisway, user authentication may provide a form of access control.Typically, user authentication may include verification of a uniquecombination of a user ID and password. To provide improved security inthe VPN, user authentication may include additional factors such asknowledge, possession, inheritance, or the like. Knowledge factors mayinclude items (e.g., pin numbers) that an authentic user may be expectedto know. Possession factors may include items (e.g., one-time password(OTP) tokens) that an authentic user may be expected to possess at atime associated with the authentication. Inherent factors may includebiometric items (e.g., fingerprint scans, retina scans, iris scans, orthe like) that may be inherent traits of an authentic user.

A VPN may be associated with a network of VPN servers, typicallydeployed in various geographic locations. A VPN server may be a physicalserver or a virtual server configured to host and/or globally deliverVPN services to the user. A server may be a combination of hardware andsoftware, and may include logical and physical communication ports. Whenlaunched, the VPN application may connect with a selected VPN server forsecure communication of data via the virtual tunnel.

The VPN application, installed on the user device, may utilizesoftware-based technology to establish a secure connection between theuser device and a VPN server. Some VPN applications may automaticallywork in the background on the user device while other VPN applicationsmay include front-end interfaces to allow the user to interact with andconfigure the VPN applications. VPN applications may often be installedon a computer (e.g., user device), though some entities may provide apurpose-built VPN application as a hardware device that is pre-installedwith software to enable the VPN. Typically, a VPN application mayutilize one or more VPN protocols to encrypt and decrypt thecommunicated data. Some commonly used VPN protocols may include OpenVPN,SSTP, PPTP, L2TP/IPsec, SSL/TLS, Wireguard, IKEv2, and SoftEther.

SUMMARY

In one aspect, the present disclosure contemplates a method forproviding a split-configuration virtual private network (VPN), themethod including receiving, at a VPN server, an initiation request froma user device to establish a VPN connection with the VPN server, theinitiation request including remote content information associated withremote content; and transmitting at least a portion of the remotecontent information to a remote domain name services (DNS) server toreceive an access internet protocol (IP) address associated with a firstexchange point that is capable of obtaining the remote content.

In another aspect, the present disclosure contemplates a deviceassociated with a VPN, the device including a memory and a processorconfigured to: receive, at a VPN server, an initiation request from auser device to establish a VPN connection with the VPN server, theinitiation request including remote content information associated withremote content; and transmit at least a portion of the remote contentinformation to a remote domain name services (DNS) server to receive anaccess internet protocol (IP) address associated with a first exchangepoint that is capable of obtaining the remote content.

In another aspect, the present disclosure contemplates a non-transitorycomputer readable medium storing instructions, which when executed by aprocessor cause the processor to: receive, at a VPN server, aninitiation request from a user device to establish a VPN connection withthe VPN server, the initiation request including remote contentinformation associated with remote content; and transmit at least aportion of the remote content information to a remote domain nameservices (DNS) server to receive an access internet protocol (IP)address associated with a first exchange point that is capable ofobtaining the remote content.

It is to be understood that both the foregoing general description andthe following detailed description are exemplary and explanatory innature and are intended to provide an understanding of the presentdisclosure without limiting the scope thereof. In that regard,additional aspects, features, and advantages of the present disclosurewill be apparent to one skilled in the art from the following detaileddescription.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings illustrate aspects of systems, devices,methods, and/or mediums disclosed herein and together with thedescription, serve to explain the principles of the present disclosure.Throughout this description, like elements, in whatever aspectdescribed, refer to common elements wherever referred to and referencedby the same reference number. The characteristics, attributes,functions, interrelations ascribed to a particular element in onelocation apply to those elements when referred to by the same referencenumber in another location unless specifically stated otherwise.

The figures referenced below are drawn for ease of explanation of thebasic teachings of the present disclosure; the extensions of the figureswith respect to number, position, relationship, and dimensions of theparts to form the following aspects may be explained or may be withinthe skill of the art after the following description has been read andunderstood. Further, exact dimensions and dimensional proportions toconform to specific force, weight, strength, and similar requirementswill likewise be within the skill of the art after the followingdescription has been read and understood.

The following is a brief description of each figure used to describe thepresent disclosure, and thus, is being presented for illustrativepurposes only and should not be limitative of the scope of the presentdisclosure.

FIG. 1 is an illustration of an example system associated with providinga split-configuration VPN, according to various aspects of the presentdisclosure.

FIG. 2 is an illustration of an example system associated with providinga split-configuration VPN, according to various aspects of the presentdisclosure.

FIG. 3 is an illustration of an example flow associated with providing asplit-configuration VPN, according to various aspects of the presentdisclosure.

FIG. 4 is an illustration of an example process associated withproviding a split-configuration VPN, according to various aspects of thepresent disclosure.

FIG. 5 is an illustration of an example process associated withproviding a split-configuration VPN, according to various aspects of thepresent disclosure

FIG. 6 is an illustration of an example process associated withproviding a split-configuration VPN, according to various aspects of thepresent disclosure

FIG. 7 is an illustration of example devices associated with providing asplit-configuration VPN, according to various aspects of the presentdisclosure.

DETAILED DESCRIPTION

For the purposes of promoting an understanding of the principles of thepresent disclosure, reference will now be made to the aspectsillustrated in the drawings, and specific language may be used todescribe the same. It will nevertheless be understood that no limitationof the scope of the disclosure is intended. Any alterations and furthermodifications to the described devices, instruments, methods, and anyfurther application of the principles of the present disclosure arefully contemplated as would normally occur to one skilled in the art towhich the disclosure relates. In particular, it is fully contemplatedthat the features, components, and/or steps described with respect toone aspect may be combined with the features, components, and/or stepsdescribed with respect to other aspects of the present disclosure. Forthe sake of brevity, however, the numerous iterations of thesecombinations may not be described separately. For simplicity, in someinstances the same reference numbers are used throughout the drawings torefer to the same or like parts.

FIG. 1 is an illustration of an example system 100 associated withrotating exit IP addresses in a VPN, according to various aspects of thepresent disclosure. Example 100 shows an architectural depiction ofcomponents included in system 100. In some aspects, the components mayinclude a user device 102 capable of communicating with one or more VPNservers 120 and with a VPN service provider (VSP) control infrastructure104 over a network 122. The VSP control infrastructure 104 may becontrolled by a VPN service provider and may include an applicationprogramming interface (API) 106, a user database 108, processing unit110, a server database 116, and the one or more VPN servers 120. Asshown in FIG. 1 , the API 106 may be capable of communicating with theuser database 108 and with the processing unit 110. Additionally, theprocessing unit 110 may be capable of communicating with the serverdatabase, which may be capable of communicating with a testing module(not shown). The testing module may be capable of communicating with theone or more VPN servers 120 over the network 122. The processing unit110 may be capable of controlling operation of the one or more VPNservers 120.

The user device 102 may be a physical computing device capable ofhosting a VPN application and of connecting to the network 122. The userdevice 102 may be, for example, a laptop, a mobile phone, a tabletcomputer, a desktop computer, a smart device, a router, or the like. Insome aspects, the user device 102 may include, for example,Internet-of-Things (IoT) devices such as VSP smart home appliances,smart home security systems, autonomous vehicles, smart health monitors,smart factory equipment, wireless inventory trackers, biometric cybersecurity scanners, or the like. The network 122 may be any digitaltelecommunication network that permits several nodes to share and accessresources. In some aspects, the network 122 may include one or more of,for example, a local-area network (LAN), a wide-area network (WAN), acampus-area network (CAN), a metropolitan-area network (MAN), ahome-area network (HAN), Internet, Intranet, Extranet, and Internetwork.

The VSP control infrastructure 104 may include a combination of hardwareand software components that enable provision of VPN services to theuser device 102. The VSP control infrastructure 104 may interface with(the VPN application on) the user device 102 via the API 106, which mayinclude one or more endpoints to a defined request-response messagesystem. In some aspects, the API 106 may be configured to receive, viathe network 122, a connection request from the user device 102 toestablish a VPN connection with a VPN server 120. The connection requestmay include an authentication request to authenticate the user device102 and/or a request for an IP address of an optimal VPN server forestablishment of the VPN connection therewith. In some aspects, anoptimal VPN server may be a single VPN server 120 or a combination ofone or more VPN servers 120. The API 106 may receive the authenticationrequest and the request for an IP address of an optimal VPN server in asingle connection request. In some aspects, the API 106 may receive theauthentication request and the request for an IP address of an optimalVPN server in separate connection requests.

The API 106 may further be configured to handle the connection requestby mediating the authentication request. For instance, the API 106 mayreceive from the user device 102 credentials including, for example, aunique combination of a user ID and password for purposes ofauthenticating the user device 102. In another example, the credentialsmay include a unique validation code known to an authentic user. The API106 may provide the received credentials to the user database 108 forverification.

The user database 108 may include a structured repository of validcredentials belonging to authentic users. In one example, the structuredrepository may include one or more tables containing valid uniquecombinations of user IDs and passwords belonging to authentic users. Inanother example, the structured repository may include one or moretables containing valid unique validation codes associated withauthentic users. The VPN service provider may add or delete such validunique combinations of user IDs and passwords from the structuredrepository at any time. Based at least in part on receiving thecredentials from the API 106, the user database 108 and a processor(e.g., the processing unit 110 or another local or remote processor) mayverify the received credentials by matching the received credentialswith the valid credentials stored in the structured repository. In someaspects, the user database 108 and the processor may authenticate theuser device 102 when the received credentials match at least one of thevalid credentials. In this case, the VPN service provider may provideVPN services to the user device 102. When the received credentials failto match at least one of the valid credentials, the user database 108and the processor may fail to authenticate the user device 102. In thiscase, the VPN service provider may decline to provide VPN services tothe user device 102.

When the user device 102 is authenticated, the user device 102 mayinitiate a VPN connection and may transmit to the API 106 a request foran IP address of an optimal VPN server. The processing unit 110 includedin the VSP control infrastructure may be configured todetermine/identify a single VPN server 120 as the optimal server or alist of VPN servers. The processing unit 110 may utilize the API 106 totransmit the IP address of the optimal server or IP addresses of the VPNservers 120 included in the list to the user device 102. In the casewhere the list of IP addresses of the VPN servers 120 is provided, theuser device 102 may have an option to select a single VPN server 120from among the listed VPN servers as the optimal server 120. The userdevice 102 may transmit an initiation request to establish a VPNconnection (e.g., an encrypted tunnel) with the optimal VPN server. Insome aspects, the optimal VPN server with which the user deviceestablishes the encrypted tunnel may be referred to as a primary VPNserver or an entry VPN server. In some aspects, a VPN server 120 may bea piece of physical or virtual computer hardware and/or software capableof securely communicating with (the VPN application on) the user device102 for provision of VPN services.

The processing unit 110 may be a logical unit including a scoring engine112. The processing unit 110 may include a logical component configuredto perform complex operations to compute numerical weights related tovarious factors associated with the VPN servers 120. The scoring enginemay likewise include a logical component configured to performarithmetical and logical operations to compute a server penalty scorefor one or more of the VPN servers 120.

In some aspects, based at least in part on server penalty scorescalculated via the complex operations and/or the arithmetical andlogical operations, the processing unit 110 may determine an optimal VPNserver. In one example, the processing unit 110 may determine the VPNserver 120 with the lowest server penalty score as the optimal VPNserver. In another example, the processing unit 110 may determine thelist of optimal VPN servers by including, for example, three (or anyother number) VPN servers 120 with the three lowest server penaltyscores.

One or more components (e.g., API 106, user database 108, processingunit 110, and/or server database 116) included in the VSP controlinfrastructure 104 may further be associated with acontroller/processor, a memory, or a combination thereof. For instance,the one or more components of the set of components may include or maybe included in a controller/processor, a memory, or a combinationthereof. In some aspects, the one or more of the components included inthe VSP control infrastructure 104 may be separate and distinct fromeach other. Alternatively, in some aspects, one or more of thecomponents included in the VSP control infrastructure 104 may becombined with one or more of other components included in the VSPcontrol infrastructure 104. In some aspects, the one or more of thecomponents included in the VSP control infrastructure 104 may be localwith respect to each other. Alternatively, in some aspects, one or moreof the components included in the VSP control infrastructure 104 may belocated remotely with respect to one or more of other componentsincluded in the VSP control infrastructure 104. Additionally, oralternatively, one or more components of the components included in theVSP control infrastructure 104 may be implemented at least in part assoftware stored in a memory. For example, a component (or a portion of acomponent) may be implemented as instructions or code stored in anon-transitory computer-readable medium and executable by a controlleror a processor to perform the functions or operations of the component.Additionally, or alternatively, a set of (one or more) components shownin FIG. 1 may be configured to perform one or more functions describedas being performed by another set of components shown in FIG. 1 .

As indicated above, FIG. 1 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 1 .

A user device may receive remote content via a VPN network. Remotecontent may include content that is unavailable in a geographic locationwhere the user device is located. Remote content may also includemultimedia content such as audio content, video content, audio-videocontent, image content, or the like and/or non-multimedia content suchas textual data, textual information, or the like. The user device mayreceive the remote multimedia content via streaming, which may includereal-time reception and rendering of the remote multimedia content onthe user device.

To receive the remote content via the VPN network, the user device mayrequest VPN services from a VSP control infrastructure. The VSP controlinfrastructure may suggest a VPN server for providing VPN services tothe user device. The VPN server may be an optimal VPN server forproviding VPN services to the user device because, for example, the VPNserver may be located geographically/physically closer (and thereforeable to provide speedier service) to the user device as compared to theother VPN servers. The user device may establish a VPN connection withthe VPN server.

During the established VPN connection, the user device may transmit aremote content request for requesting the VPN server to provide theremote content. Based at least in part on receiving the remote contentrequest, the VPN server may utilize an associated domain name services(DNS) server to reach an exchange point to obtain the remote content.The associated DNS server may be a default DNS server utilized by theVPN server to service all received requests (e.g., requests for remotecontent, requests for local content, or the like). In an example, theDNS server may be local to the VPN server and/or may be included withinthe VPN server, thereby enabling speedy DNS services to the VPN server.

The default DNS server may fail to enable the VPN server to reach anexchange point capable of obtaining the remote content. For instance,the default DNS server may be limited to providing an access Internetprotocol (IP) address of an exchange point that is not be capable ofobtaining the remote content. An exchange point may not be capable ofobtaining the remote content because, for example, the exchange point isassociated with a VPN server and/or the exchange point is located in ageographic location (which may be similar to a location of the VPNserver and/or a location of the user device) where the remote content isunavailable. For instance, an exchange point may utilize a proxy IPaddress to obtain the remote content. A content provider of the remotecontent may decline to provide the remote content to the exchange pointbased on evaluating the proxy IP address and determining that theexchange point is associated with a VPN server. Additionally, oralternatively, the content provider may decline to provide the remotecontent to the exchange point based on evaluating the proxy IP addressand determining that the exchange point is located in a geographicallocation where the remote content is unavailable. As a result, the DNSserver may be unable to provide an access IP address of an exchangepoint capable of obtaining the remote content. Consequently, the VPNserver may be unable to provide the remote content to the user device.

To receive the remote content, the user device may disconnect theestablished VPN connection with the VPN server and establish a new VPNconnection with a new VPN server. The user device may select the new VPNserver, from a list of VPN servers presented by the VSP controlinfrastructure, based on the new VPN server being associated with adefault DNS server that is able to provide an access IP address of anexchange point capable of obtaining the remote content (e.g., located ina geographic location where the remote content is available).

Such new VPN server may be located at a threshold distance away from theuser device. As a result, the VPN connection with the new VPN server mayinclude a plurality of nodes and/or routers. For at least this reason,the new VPN server may be unable to provide the user device with speedyservice, which may be essential for streaming remote multimedia content.The user device may be unable to adequately stream the remote multimediacontent. Additionally, disconnecting the established VPN connection andestablishing the new VPN connection may inefficiently consume userdevice resources (e.g., processing resources, memory resources, powerconsumption resources, battery life, or the like) and resourcesassociated with the VPN (computational resources, network bandwidth,management resources, processing resources, memory resources, or thelike) that can otherwise be used to perform suitable tasks associatedwith the VPN. Also, based on a threshold amount of user devicesconnecting to the new VPN server to receive the remote content, the newVPN server may become overloaded, thereby consuming the resourcesassociated with the VPN that may otherwise be used for suitable tasksassociated with the VPN.

Various aspects of systems and techniques discussed in the presentdisclosure enable providing a split-configuration VPN. In some aspects,providing a split-configuration may include a VSP control infrastructureconfiguring a VPN server to utilize a first DNS server to service remotecontent requests requesting remote content and a second DNS server(e.g., default DNS server) to service local content requests requestinglocal content. Local content may include content that is available in ageographic location where the user device (and/or the VPN server) islocated. In some aspects, the VPN server may be configured to receive,from the user device, remote content information indicating parametersassociated with the remote content. The VPN server may receive theremote content information along with an initiation request from theuser device requesting to establish a VPN connection with the VPNserver. Based at least in part on the remote content information, theVPN server may configure the VPN connection to be associated with one ormore remote DNS servers that may enable the VPN server to reach anexchange point capable of obtaining the remote content. In some aspects,the exchange point may be capable of obtaining the remote content basedat least in part on being located in a geographic location where theremote content is available. During the VPN connection, the VPN servermay transmit at least a portion of the remote content information toenable the exchange point to obtain the remote content.

In this way, the VSP control infrastructure may configure the VPN serverto receive the remote content and to provide the remote content to theuser device without the user device disconnecting an established VPNconnection with the VPN server and establishing a new VPN connectionwith a new VPN server. As a result, efficient consumption of user deviceresources and resources associated with the VPN may be enabled.Additionally, because the VPN server may be an optimal VPN server toprovide VPN services to the user device, the user device may receivespeedier service as compared to the new VPN server. Also, overloading ofthe new VPN server by users receiving the remote content may be avoided,thereby conserving resources associated with the VPN.

In some aspects, a processing unit (e.g., processing unit 110) includedin the VSP control infrastructure may configure a VPN server to receivean initiation request from a user device to establish a VPN connection,the initiation request including remote content information associatedwith remote content; and to transmit at least a portion of the remotecontent information to a remote domain name services (DNS) server toenable the remote DNS server to provide an access internet protocol (IP)address associated with a first exchange point that is capable ofobtaining the remote content.

FIG. 2 is an illustration of an example system 200 associated withproviding a split-configuration VPN, according to various aspects of thepresent disclosure. The example system 200 may include a user device102, a VPN server 120 associated with a default DNS server 210, one ormore remote DNS servers 220, an exchange point 230, and an exchangepoint 240. The default DNS server 210 may be local to the VPN server 120and/or may be included within the VPN server 120, thereby enablingspeedy DNS services to the VPN server 120 with respect to obtaininglocal content. The one or more remote DNS servers 220 may be locatedremotely with respect to the VPN server 120 and may enable the VPNserver 120 to obtain remote content. The VPN server 120 may beconfigured by a VSP control infrastructure (not shown) to provide VPNservices to the user device 102. In some aspects, the exchange point 230and the exchange point 240 may include, or may be included within, aproxy server.

The user device 102 may undergo an authentication process with a VSPcontrol infrastructure (e.g., VSP control infrastructure) to receive VPNservices via a VPN network. Such VPN services may include receivingremote content and receiving local content. Remote content may includecontent unavailable in a geographic location associated with the userdevice 102 and/or the VPN server 120. Local content may include contentavailable in the geographic location associated with the user device 102and/or the VPN server 120. Remote content may include remote multimediacontent such as, for example, audio content, video content, audio-videocontent, images, animations, slideshows, interactive gaming media,low-latency applications such as gambling applications, or the likeand/or may include remote data content such as, for example, textualdata, textual information, or the like. The user device 102 may receiveremote multimedia content via streaming, which may include real-timereception and rendering of the remote multimedia content on the userdevice 120 and/or on a device associated with the user device 120. Assuch, streaming may enable low-latency, instantaneous distribution andreception of the remote multimedia content. Local content may includelocal multimedia content and/or local data content. The local multimediacontent may be similar to remote multimedia content and the local datacontent may be similar to the remote data content.

Upon authentication of the user device 102, the VSP controlinfrastructure may enable the user device 102 to establish a VPNconnection with the VPN server 120, which may be an optimal VPN serverfor providing VPN services to the user device 102. In some aspects, theVPN server 120 may be the optimal server because, for example, becausethe VPN server 120 may be located geographically/physically closer (andtherefore able to provide speedier service) to the user device 102 ascompared to the other VPN servers, the VPN server 120 may have thehighest available bandwidth to provide VPN services to the user device102 as compared to the other VPN servers, and/or the VPN server 120 maybe located geographically/physically closer to an international Internetexchange hub (and therefore able to provide speedier service) ascompared to the other VPN servers.

To establish the VPN connection, the user device 102 may transmit, andthe VPN server 120 may receive, an initiation request. Substantiallysimultaneously to receiving the initiation request, the VPN server 120may receive remote content information. In some aspects, the remotecontent information may be included in the initiation request. In someaspects, the remote content information may be appended to a messageincluding the initiation request. In some aspects, the remote contentinformation and the initiation request may be received in separatecommunications. In some aspects, a client application installed on theuser device 102 may enable the user device 102 to transmit theinitiation request and the remote content information to the VPN server120. The client application may include a graphical interface to acceptremote content information via an input interface (e.g., touch screen,keyboard, mouse, pointer, etc.) associated with the user device 102. Insome aspects, the client application may activate, at a time associatedwith transmitting the initiation request, the graphical interface foraccepting remote content information. In some aspects, the graphicalinterface may present, for example, a pop-up menu on a screen associatedwith the user device 102 requesting entry of the remote contentinformation via the input interface.

The remote content information may include information associated withthe remote content that the user device 120 may receive. The remotecontent information may describe the remote content. In an example, theremote content information may indicate that the remote content isremote multimedia content (e.g., audio content, video content,audio-video content, etc.). In another example, the remote contentinformation may identify a content provider of the remote content. Forinstance, the remote content information may indicate a domain nameassociated with the content provider. In yet another example, the remotecontent information may indicate a geographical location where theremote content is available.

Based at least in part on receiving the initiation request, the VPNserver 120 may enable the user device 102 to establish a VPN connectionwith the VPN server 120. In some aspects, the VPN connection may beestablished using a VPN protocol such as, for example, proxy protocolv2, IP in IP (Protocol 4): IP in IPv4/IPv6; SIT/IPv6 (Protocol 41): IPv6in IPv4/IPv6; GRE (Protocol 47): Generic Routing Encapsulation; OpenVPN(UDP port 1194); SSTP (TCP port 443): Secure Socket Tunneling Protocol;IPSec (Protocol 50 and 51): Internet Protocol Security; L2TP (Protocol115): Layer 2 Tunneling Protocol; VXLAN (UDP port 4789): VirtualExtensible Local Area Network; WireGuard; Quic, and other available datacommunication protocols and their future iterations.

Further, based at least in part on the remote content information, theVPN server 120 may configure the VPN connection to be associated withone or more remote DNS servers 220 that may enable the VPN server 120 toreach an exchange point capable of obtaining the remote content. Forinstance, the VPN server 120 may configure the VPN connection to beassociated with the one or more remote DNS servers 220 that can provideaccess IP addresses of exchange points (e.g., exchange point 240)capable of obtaining the remote content. In some aspects, such exchangepoints may be located in a geographic location where the remote contentis available.

In some aspects, the one or more remote DNS servers 220 may haverespective predetermined lists of exchange points for whom the one ormore remote DNS servers 220 are capable of providing access IPaddresses. The VPN server 120 may evaluate such predetermined lists todetermine exchange points capable of obtaining the remote content to bereceived by the user device 102 and, therefore, select the one or moreremote DNS servers 220 with which to associate the VPN connection. Suchone or more remote DNS servers 220 may be separate from the default DNSserver 210.

In an example, when a user device 102 located in a first geographicallocation (e.g., Sweden) transmits remote content information indicatingthat remote content available in a second geographical location (e.g.,United States) may be received, the VPN server 120, which may be locatedin or near the first geographical location, may configure the VPNconnection to be associated with one or more remote DNS servers 220 thatcan provide access IP addresses of exchange points located in or nearthe second geographical location where the remote content is available.The VPN server 120 may evaluate respective predetermined lists ofexchange points associated with the one or more remote DNS servers 220to determine exchange points located in or near the second geographicallocation (e.g., capable of obtaining the remote content) and, therefore,the one or more remote DNS servers 220 with which to associate the VPNconnection.

Further, the VPN server 120 may configure DNS settings associated withthe VPN connection such that when a remote content request for theremote content is received from the user device 102 during the VPNconnection (e.g., after the VPN connection is established), the VPNserver 120 may utilize the one or more remote DNS servers 220 to receivean access IP address for an exchange point (e.g., exchange point 240)located in or near the second geographical location where the remotecontent is available. In some aspects, the VPN server 120 may transmitat least a portion of the remote content information to the one or moreremote DNS servers 220 to enable the one or more remote DNS servers 220to provide an access IP address associated with the exchange point. Insome aspects, the exchange point located in or near the secondgeographical location may utilize a proxy IP address associated with aproxy device (e.g., a laptop computer, a desktop computer, a smartphone, a tablet computer, or the like) that is also located in or nearthe second geographical location. As a result, the content provider mayagree to provide the remote content to the exchange point based at leastin part on evaluating the proxy IP address and determining that theexchange point is located in or near the second geographical locationwhere the remote content is available. In this way, the VPN server 120may enable the user device 102, that is located in the firstgeographical location where the remote content is unavailable, toreceive the remote content via the exchange point located in or near thesecond geographical location where the remote content is available.

During the VPN connection, the VPN server 120 may receive a remotecontent request for the remote content. Based at least in part onreceiving the remote content request, the VPN server 120 may communicate(e.g., transmit and/or receive) with the one or more remote DNS servers220 to receive an access IP address associated with, for example,exchange point 240 (e.g., remote exchange point) that is located in ageographical location where the remote content is available. Based atleast in part on receiving the access IP address associated with theexchange point 240, the VPN server 120 may transmit at least a portionof the remote content information and/or the remote content request tothe exchange point 240. The exchange point 240 may utilize a proxy IPaddress associated with a proxy device that is also located in thegeographical location where the remote content is available to obtainthe remote content. Based at least in part on obtaining the remotecontent, the exchange point 240 may transmit, and the VPN server 120 mayreceive, the remote content. Based at least in part on receiving theremote content from the exchange point 240, the VPN server 120 mayprovide the remote content to the user device 102 via the VPNconnection.

During the VPN connection, the VPN server 120 may also receive a localcontent request including local content information for requesting localcontent. In some aspects, the VPN server 120 may receive the localcontent request substantially simultaneously with the remote contentrequest. In some aspects, the VPN server may receive the local contentrequest at a different time with respect to the remote content request.Based at least in part on receiving the local content request and/ordetermining that the local content request is associated with localcontent, the VPN server 120 may select to utilize the default DNS server210 to receive an access IP address associated with, for example,exchange point 230 (e.g., local exchange point) that is capable ofobtaining the local content. Based at least in part on receiving theaccess IP address associated with the exchange point 230, the VPN server120 may transmit at least a portion of the local content informationand/or the local content request to the exchange point 230. The exchangepoint 230 may utilize a proxy IP address associated with a proxy devicethat is also located in the geographical location where the localcontent is available to obtain the local content. Based at least in parton obtaining the local content, the exchange point 230 may transmit, andthe VPN server 120 may receive, the local content. Based at least inpart on receiving the local content from the exchange point 230, the VPNserver 120 may provide the local content to the user device 102 via theVPN connection.

In this way, by providing a split-configuration to utilize a remote DNSserver to service remote content requests requesting remote content anda default DNS server to service local content requests requesting localcontent, a VPN server may enable a user device located in a geographicallocation, where the remote content is unavailable, to receive the remotecontent via the VPN connection. Additionally, the VPN server may providethe remote content to a user device without the user devicedisconnecting an established VPN connection with the VPN server andestablishing a new VPN connection with a new VPN server. As a result,efficient consumption of user device resources and resources associatedwith the VPN may be enabled. Additionally, because the VPN server may bean optimal VPN server to provide VPN services to the user device, theuser device may receive speedier service as compared to the new VPNserver. Also, overloading of a VPN server (e.g., new VPN server) that iscapable of providing the remote content may be avoided, therebyconserving resources associated with the VPN.

As indicated above, FIG. 2 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 2 .

FIG. 3 is an illustration of an example flow 300 associated withproviding a split-configuration VPN, according to various aspects of thepresent disclosure. The example flow 300 may include a user device 102in communication with a VPN server 120. In some aspects, as discussedelsewhere herein, a VSP control infrastructure associated with the VPNserver 120 may configure the VPN server 120 to provide VPN services tothe user device 102.

As shown by reference numeral 310, upon authentication of the userdevice 102, the VPN server 120 may receive an initiation request and/orremote content information to establish a VPN connection, as discussedelsewhere herein. Based at least in part on receiving the initiationrequest and/or the remote content information, as shown by referencenumeral 320, the VPN server 120 may establish and configure the VPNconnection. In some aspects, as discussed elsewhere herein, configuringthe VPN connection may include associating the VPN connection with oneor more remote DNS servers (e.g., remote DNS server 220) that may enablethe VPN server 120 to reach an exchange point (e.g., exchange point 240)capable of obtaining the remote content. Further, as discussed elsewhereherein, configuring the VPN connection may include configuring DNSsettings associated with the VPN connection such that when a remotecontent request for the remote content is received from the user device102 during the VPN connection (e.g., after the VPN connection isestablished), the VPN server 120 may utilize the one or more remote DNSservers 220 to receive an access IP address for the exchange pointcapable of obtaining the remote content.

During the VPN connection, as shown by reference numeral 330, the VPNserver 120 may receive a remote content request for the remote content.As shown by reference numeral 340, the VPN server 120 may receive theremote content by communicating with the exchange point capable ofobtaining the remote content, as discussed elsewhere herein. Based atleast in part on receiving the remote content, as shown by referencenumber 350, the VPN server 120 may provide the remote content to theuser device 102 via the VPN connection as discussed elsewhere herein.

During the VPN connection, as shown by reference numeral 360, the VPNserver 120 may receive a local content request for the local content. Asshown by reference numeral 370, the VPN server 120 may receive the localcontent by communicating with the exchange point capable of obtainingthe local content, as discussed elsewhere herein. Based at least in parton receiving the local content, as shown by reference number 380, theVPN server 120 may provide the local content to the user device 102 viathe VPN connection as discussed elsewhere herein.

As indicated above, FIG. 3 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 3 .

FIG. 4 is an illustration of an example process 400 associated withproviding a split-configuration VPN, according to various aspects of thepresent disclosure. In some aspects, the process 400 may be performed bya memory (e.g., memory 730) and/or a processor (e.g., processor 720)associated with a VPN server (e.g., VPN server 120). As shown byreference numeral 410, process 400 may include receiving, at a VPNserver, an initiation request from a user device to establish a VPNconnection with the VPN server, the initiation request including remotecontent information associated with remote content. For instance, theVPN server may utilize a communication interface (e.g., communicationinterface 770) and the associated memory and/or processor to receive aninitiation request from a user device to establish a VPN connection withthe VPN server, the initiation request including remote contentinformation associated with remote content, as discussed elsewhereherein.

As shown by reference numeral 420, process 400 may include transmittingat least a portion of the remote content information to a remote domainname services (DNS) server to enable the remote DNS server to provide anaccess internet protocol (IP) address associated with a first exchangepoint that is capable of obtaining the remote content. For instance, theVPN server may utilize the communication interface (e.g., communicationinterface 770) and the associated memory and/or processor to transmit atleast a portion of the remote content information to a remote domainname services (DNS) server to enable the remote DNS server to provide anaccess internet protocol (IP) address associated with a first exchangepoint that is capable of obtaining the remote content, as discussedelsewhere herein.

Process 400 may include additional aspects, such as any single aspect orany combination of aspects described below and/or in connection with oneor more other processes described elsewhere herein.

In a first aspect, process 400 may include selecting the remote DNSserver based at least in part on an association of the remote DNS serverwith the first exchange point that is capable of obtaining the remotecontent.

In a second aspect, alone or in combination with the first aspect,process 400 may include selecting the remote DNS server based at leastin part on determining that the remote DNS server can provide the accessIP address of the first exchange point.

In a third aspect, alone or in combination with the first through secondaspects, process 400 may include receiving, from the remote DNS server,the access IP address associated with the first exchange point based atleast in part on transmitting at least a portion of the remote contentinformation to the remote DNS server.

In a fourth aspect, alone or in combination with the first through thirdaspects, process 400 may include receiving, during the VPN connection, aremote content request for the remote content; transmitting informationassociated with the remote content request to the first exchange point;receiving the remote content from the first exchange point; andtransmitting the remote content to the user device.

In a fifth aspect, alone or in combination with the first through fourthaspects, in process 400, the remote content information indicates ageographical location where the remote content is available.

In a sixth aspect, alone or in combination with the first through fifthaspects, process 400 may include receiving, during the VPN connection, alocal content request for the local content; transmitting informationassociated with the local content request to a second exchange point;receiving the local content from the second exchange point; andtransmitting the local content to the user device.

Although FIG. 4 shows example blocks of the process, in some aspects,the process may include additional blocks, fewer blocks, differentblocks, or differently arranged blocks than those depicted in FIG. 4 .Additionally, or alternatively, two or more of the blocks of the processmay be performed in parallel.

As indicated above, FIG. 4 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 4 .

FIG. 5 is an illustration of an example process 500 associated withproviding a split-configuration VPN, according to various aspects of thepresent disclosure. In some aspects, the process 500 may be performed bya memory (e.g., memory 730) and/or a processor (e.g., processor 720)associated with a VPN server (e.g., VPN server 120). As shown byreference numeral 510, process 500 may include receiving, during a VPNconnection, a local content request requesting local content. Forinstance, the VPN server may utilize a communication interface (e.g.,communication interface 770) and the associated memory and/or processorto receive, during a VPN connection, a local content request requestinglocal content, as discussed elsewhere herein.

As shown by reference numeral 520, process 500 may include transmitting,to a local exchange point that is capable of obtaining the localcontent, at least a portion of the local content request to enable thelocal exchange point to provide the local content. For instance, the VPNserver may utilize the communication interface (e.g., communicationinterface 770) and the associated memory and/or processor to transmit,to a local exchange point that is capable of obtaining the localcontent, at least a portion of the local content request to enable thelocal exchange point to provide the local content, as discussedelsewhere herein.

As shown by reference numeral 530, process 500 may include receiving,during the VPN connection, a remote content request requesting remotecontent. For instance, the VPN server may utilize the communicationinterface (e.g., communication interface 770) and the associated memoryand/or processor to receive, during the VPN connection, a remote contentrequest requesting remote content, as discussed elsewhere herein.

As shown by reference numeral 540, process 500 may include receiving,during the VPN connection, a remote content request requesting remotecontent. For instance, the VPN server may utilize the communicationinterface (e.g., communication interface 770) and the associated memoryand/or processor to transmit, to a remote exchange point that is capableof obtaining the remote content, at least a portion of the remotecontent request to enable the remote exchange point to provide theremote content, as discussed elsewhere herein.

Process 500 may include additional aspects, such as any single aspect orany combination of aspects described below and/or in connection with oneor more other processes described elsewhere herein.

In a first aspect, in process 500, the local content request and theremote content request are received substantially simultaneously.

In a second aspect, alone or in combination with the first aspect,process 500 may include receiving, prior to establishment of the VPNconnection, remote content information associated with the remotecontent.

In a third aspect, alone or in combination with the first through secondaspects, process 500 may include selecting, based at least in part onremote content information received prior to establishment of the VPNconnection, a domain name services (DNS) server to provide an accessinternet protocol (IP) address associated with the remote exchangepoint.

In a fourth aspect, alone or in combination with the first through thirdaspects, process 500 may include transmitting, to a remote domain nameservices (DNS) server, at least a portion of remote content informationreceived prior to establishment of the VPN connection; and receiving,from the remote DNS server, an access internet protocol (IP) addressassociated with the remote exchange point, wherein transmitting at leastthe portion of the remote content request includes transmitting at leastthe portion of the remote content request using the IP addressassociated with the remote exchange point.

In a fifth aspect, alone or in combination with the first through fourthaspects, process 500 may include receiving, from the local exchangepoint, the local content based at least in part on transmitting at leastthe portion of the local content request to the local exchange point;and transmitting the local content to a user device.

In a sixth aspect, alone or in combination with the first through fifthaspects, process 500 may include receiving, during the VPN connection, alocal content request for the local content; transmitting informationassociated with the local content request to a second exchange point;receiving the local content from the second exchange point; andtransmitting the local content to the user device.

Although FIG. 5 shows example blocks of the process, in some aspects,the process may include additional blocks, fewer blocks, differentblocks, or differently arranged blocks than those depicted in FIG. 5 .Additionally, or alternatively, two or more of the blocks of the processmay be performed in parallel.

As indicated above, FIG. 5 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 5 .

FIG. 6 is an illustration of an example process 600 associated withproviding a split-configuration VPN, according to various aspects of thepresent disclosure. In some aspects, the process 600 may be performed bya memory (e.g., memory 730) and/or a processor (e.g., processor 720,processing unit 110, etc.) associated with a VSP control infrastructure(e.g., VSP control infrastructure 104). As shown by reference numeral610, process 600 may include configuring a VPN server to receive, duringa VPN connection, a local content request requesting local content. Forinstance, the VSP control infrastructure may utilize an associatedmemory and/or a processor to configure a VPN server to receive, during aVPN connection, a local content request requesting local content, asdiscussed elsewhere herein.

As shown by reference numeral 620, process 600 may include configuringthe VPN server to transmit, to a local exchange point that is capable ofobtaining the local content, at least a portion of the local contentrequest to enable the local exchange point to provide the local content.For instance, the VPN server may utilize the associated memory and/orprocessor to configure the VPN server to transmit, to a local exchangepoint that is capable of obtaining the local content, at least a portionof the local content request to enable the local exchange point toprovide the local content, as discussed elsewhere herein.

As shown by reference numeral 630, process 600 may include configuringthe VPN server to receive, during the VPN connection, a remote contentrequest requesting remote content. For instance, the VPN server mayutilize the associated memory and/or processor to configure configuringthe VPN server to receive, during the VPN connection, a remote contentrequest requesting remote content, as discussed elsewhere herein.

As shown by reference numeral 640, process 600 may include configuringthe VPN server to transmit, to a remote exchange point that is capableof obtaining the remote content, at least a portion of the remotecontent request to enable the remote exchange point to provide theremote content. For instance, the VPN server may utilize the associatedmemory and/or processor to configure the VPN server to transmit, to aremote exchange point that is capable of obtaining the remote content,at least a portion of the remote content request to enable the remoteexchange point to provide the remote content, as discussed elsewhereherein.

Process 600 may include additional aspects, such as any single aspect orany combination of aspects described below and/or in connection with oneor more other processes described elsewhere herein.

In a first aspect, process 600 includes configuring the VPN server toreceive the local content request and the remote content requestsubstantially simultaneously.

In a second aspect, alone or in combination with the first aspect,process 600 includes configuring the VPN server to receive, prior toestablishment of the VPN connection, remote content informationassociated with the remote content.

In a third aspect, alone or in combination with the first through secondaspects, process 600 includes configuring the VPN server to select,based at least in part on remote content information received prior toestablishment of the VPN connection, a domain name services (DNS) serverto provide an access internet protocol (IP) address associated with theremote exchange point.

In a fourth aspect, alone or in combination with the first through thirdaspects, process 600 includes configuring the VPN server to transmit, toa remote domain name services (DNS) server, at least a portion of remotecontent information received prior to establishment of the VPNconnection; and configuring the VPN server to receive, from the remoteDNS server, an access internet protocol (IP) address associated with theremote exchange point, wherein configuring the VPN server to transmit atleast the portion of the remote content request includes configuring theVPN server to transmit at least the portion of the remote contentrequest using the IP address associated with the remote exchange point.

In a fifth aspect, alone or in combination with the first through fourthaspects, process 600 includes configuring the VPN server to receive,from the remote exchange point, the remote content based at least inpart on transmitting at least the portion of the remote content requestto the remote exchange point; and configuring the VPN server to transmitthe remote content to a user device.

In a sixth aspect, alone or in combination with the first through fifthaspects, process 600 includes configuring the VPN server to receive,from the local exchange point, the local content based at least in parton transmitting at least the portion of the local content request to thelocal exchange point; and configuring the VPN server to transmit thelocal content to a user device.

Although FIG. 6 shows example blocks of the process, in some aspects,the process may include additional blocks, fewer blocks, differentblocks, or differently arranged blocks than those depicted in FIG. 6 .Additionally, or alternatively, two or more of the blocks of the processmay be performed in parallel.

As indicated above, FIG. 6 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 6 .

FIG. 7 is an illustration of example devices 700, according to variousaspects of the present disclosure. In some aspects, the example devices700 may form part of or implement the systems, servers, environments,infrastructures, components, devices, or the like described elsewhereherein (e.g., VSP control infrastructure, VPN server, etc.). The exampledevices 700 may include a universal bus 710 communicatively coupling aprocessor 720, a memory 730, a storage component 740, an input component750, an output component 760, and a communication interface 770.

Bus 710 may include a component that permits communication amongmultiple components of a device 700. Processor 720 may be implemented inhardware, firmware, and/or a combination of hardware and software.Processor 720 may take the form of a central processing unit (CPU), agraphics processing unit (GPU), an accelerated processing unit (APU), amicroprocessor, a microcontroller, a digital signal processor (DSP), afield-programmable gate array (FPGA), an application-specific integratedcircuit (ASIC), or another type of processing component. In someaspects, processor 720 may include one or more processors capable ofbeing programmed to perform a function. Memory 730 may include a randomaccess memory (RAM), a read only memory (ROM), and/or another type ofdynamic or static storage device (e.g., a flash memory, a magneticmemory, and/or an optical memory) that stores information and/orinstructions for use by processor 720.

Storage component 740 may store information and/or software related tothe operation and use of a device 700. For example, storage component740 may include a hard disk (e.g., a magnetic disk, an optical disk,and/or a magneto-optic disk), a solid state drive (SSD), a compact disc(CD), a digital versatile disc (DVD), a floppy disk, a cartridge, amagnetic tape, and/or another type of non-transitory computer-readablemedium, along with a corresponding drive.

Input component 750 may include a component that permits a device 700 toreceive information, such as via user input (e.g., a touch screendisplay, a keyboard, a keypad, a mouse, a button, a switch, and/or amicrophone). Additionally, or alternatively, input component 750 mayinclude a component for determining location (e.g., a global positioningsystem (GPS) component) and/or a sensor (e.g., an accelerometer, agyroscope, an actuator, another type of positional or environmentalsensor, and/or the like). Output component 760 may include a componentthat provides output information from device 700 (via, for example, adisplay, a speaker, a haptic feedback component, an audio or visualindicator, and/or the like).

Communication interface 770 may include a transceiver-like component(e.g., a transceiver, a separate receiver, a separate transmitter,and/or the like) that enables a device 700 to communicate with otherdevices, such as via a wired connection, a wireless connection, or acombination of wired and wireless connections. Communication interface770 may permit device 700 to receive information from another deviceand/or provide information to another device. For example, communicationinterface 770 may include an Ethernet interface, an optical interface, acoaxial interface, an infrared interface, a radio frequency (RF)interface, a universal serial bus (USB) interface, a Wi-Fi interface, acellular network interface, and/or the like.

A device 700 may perform one or more processes described elsewhereherein. A device 700 may perform these processes based on processor 720executing software instructions stored by a non-transitorycomputer-readable medium, such as memory 730 and/or storage component740. As used herein, the term “computer-readable medium” may refer to anon-transitory memory device. A memory device may include memory spacewithin a single physical storage device or memory space spread acrossmultiple physical storage devices.

Software instructions may be read into memory 730 and/or storagecomponent 740 from another computer-readable medium or from anotherdevice via communication interface 770. When executed, softwareinstructions stored in memory 730 and/or storage component 740 may causeprocessor 720 to perform one or more processes described elsewhereherein. Additionally, or alternatively, hardware circuitry may be usedin place of or in combination with software instructions to perform oneor more processes described elsewhere herein. Thus, implementationsdescribed herein are not limited to any specific combination of hardwarecircuitry and software.

The quantity and arrangement of components shown in FIG. 7 are providedas an example. In practice, a device 700 may include additionalcomponents, fewer components, different components, or differentlyarranged components than those shown in FIG. 7 . Additionally, oralternatively, a set of components (e.g., one or more components) of adevice 700 may perform one or more functions described as beingperformed by another set of components of a device 700.

As indicated above, FIG. 7 is provided as an example. Other examples maydiffer from what is described with regard to FIG. 7 .

Persons of ordinary skill in the art will appreciate that the aspectsencompassed by the present disclosure are not limited to the particularexemplary aspects described herein. In that regard, althoughillustrative aspects have been shown and described, a wide range ofmodification, change, and substitution is contemplated in the foregoingdisclosure. It is understood that such variations may be made to theaspects without departing from the scope of the present disclosure.Accordingly, it is appropriate that the appended claims be construedbroadly and in a manner consistent with the present disclosure.

The foregoing disclosure provides illustration and description, but isnot intended to be exhaustive or to limit the aspects to the preciseform disclosed. Modifications and variations may be made in light of theabove disclosure or may be acquired from practice of the aspects.

As used herein, the term “component” or “device” is intended to bebroadly construed as hardware, firmware, or a combination of hardwareand software. As used herein, a processor is implemented in hardware,firmware, or a combination of hardware and software.

As used herein, satisfying a threshold may, depending on the context,refer to a value being greater than the threshold, greater than or equalto the threshold, less than the threshold, less than or equal to thethreshold, equal to the threshold, or not equal to the threshold, amongother examples, or combinations thereof.

It will be apparent that systems or methods described herein may beimplemented in different forms of hardware, firmware, or a combinationof hardware and software. The actual specialized control hardware orsoftware code used to implement these systems or methods is not limitingof the aspects. Thus, the operation and behavior of the systems ormethods were described herein without reference to specific softwarecode—it being understood that software and hardware can be designed toimplement the systems or methods based, at least in part, on thedescription herein.

Even though particular combinations of features are recited in theclaims or disclosed in the specification, these combinations are notintended to limit the disclosure of various aspects. In fact, many ofthese features may be combined in ways not specifically recited in theclaims or disclosed in the specification. Although each dependent claimlisted below may directly depend on only one claim, the disclosure ofvarious aspects includes each dependent claim in combination with everyother claim in the claim set. A phrase referring to “at least one of” alist of items refers to any combination of those items, including singlemembers. As an example, “at least one of: a, b, or c” is intended tocover a, b, c, a-b, a-c, b-c, and a-b-c, as well as any combination withmultiples of the same element (for example, a-a, a-a-a, a-a-b, a-a-c,a-b-b, a-c-c, b-b, b-b-b, b-b-c, c-c, and c-c-c or any other ordering ofa, b, and c).

No element, act, or instruction used herein should be construed ascritical or essential unless explicitly described as such. Also, as usedherein, the articles “a” and “an” are intended to include one or moreitems, and may be used interchangeably with “one or more.” Further, asused herein, the article “the” is intended to include one or more itemsreferenced in connection with the article “the” and may be usedinterchangeably with “the one or more.” Furthermore, as used herein, theterm “set” is intended to include one or more items (e.g., relateditems, unrelated items, a combination of related and unrelated items,etc.), and may be used interchangeably with “one or more.” Where onlyone item is intended, the phrase “only one” or similar language is used.Also, as used herein, the terms “has,” “have,” “having,” or the like areintended to be open-ended terms. Further, the phrase “based on” isintended to mean “based, at least in part, on” unless explicitly statedotherwise. Also, as used herein, the term “or” is intended to beinclusive when used in a series and may be used interchangeably with“and/or,” unless explicitly stated otherwise (e.g., if used incombination with “either” or “only one of”).

What is claimed is:
 1. A method associated with a split-configuration virtual private network (VPN), the method comprising: receiving, by a VPN server from a user device prior to establishment of a VPN connection between the VPN server and the user device, an initiation request to establish the VPN connection, the initiation request including remote content information indicating remote content that is to be requested by the user device after the VPN connection is established, the remote content being unavailable in a geographic location of the user device; and configuring, by the VPN server based at least in part on the remote content information, domain name services (DNS) settings associated with the VPN connection to associate the VPN connection with a remote DNS server that is capable of enabling the VPN server to obtain the remote content after establishment of the VPN connection.
 2. The method of claim 1, further comprising: selecting, by the VPN server, the remote DNS server based at least in part on an association of the remote DNS server with an exchange point located in a location where the remote content is available.
 3. The method of claim 1, further comprising: selecting, by the VPN server, the remote DNS server based at least in part on determining that the remote DNS server can provide an access IP address of an exchange point capable of enabling the VPN server to obtain the remote content.
 4. The method of claim 1, further comprising: configuring, by the VPN server, the DNS settings associated with the VPN connection to be associated with a local DNS server that is capable of enabling the VPN server to obtain local content that is available in the geographic location of the user device.
 5. The method of claim 1, further comprising: receiving, by the VPN server from the remote DNS server, an access IP address of an exchange point capable of enabling the VPN server to obtain the remote content; and transmitting, by the VPN server to the exchange point based at least in part on utilizing the access IP address, a request to receive the remote content.
 6. The method of claim 1, further comprising: receiving, by the VPN server from the user device after establishment of the VPN connection, a local content request for local content that is available in the geographic location of the user device; and transmitting, by the VPN server to the user device, the local content that is obtained based at least in part on utilizing a local DNS server.
 7. The method of claim 1, wherein the remote content information indicates a geographical location where the remote content is available.
 8. A virtual private network (VPN) server, comprising: a memory; and a processor communicatively coupled to the memory, the memory and the processor being configured to: receive, from a user device prior to establishment of a VPN connection between the VPN server and the user device, an initiation request to establish the VPN connection, the initiation request including remote content information indicating remote content that is to be requested by the user device after the VPN connection is established, the remote content being unavailable in a geographic location of the user device; and configure, based at least in part on the remote content information, domain name services (DNS) settings associated with the VPN connection to associate the VPN connection with a remote DNS server that is capable of enabling the VPN server to obtain the remote content after establishment of the VPN connection.
 9. The device of claim 8, wherein the memory and the processor are configured to select the remote DNS server based at least in part on an association of the remote DNS server with an exchange point located in a location where the remote content is available.
 10. The device of claim 8, wherein the memory and the processor are configured to select the remote DNS server based at least in part on determining that the remote DNS server can provide an access IP address of an exchange point capable of enabling the VPN server to obtain the remote content.
 11. The device of claim 8, wherein the memory and the processor are configured to configure the DNS settings associated with the VPN connection to be associated with a local DNS server that is capable of enabling the VPN server to obtain local content that is available in the geographic location of the user device.
 12. The device of claim 8, wherein the memory and the processor are configured to: receive, from the remote DNS server, an access IP address of an exchange point capable of enabling the VPN server to obtain the remote content; and transmit, to the exchange point based at least in part on utilizing the access IP address, a request to receive the remote content.
 13. The device of claim 8, wherein the memory and the processor are configured to: receive, from the user device after establishment of the VPN connection, a local content request for local content that is available in the geographic location of the user device; and transmit, to the user device, the local content that is obtained based at least in part on utilizing a local DNS server.
 14. The device of claim 8, wherein the remote content information indicates a geographical location where the remote content is available.
 15. A non-transitory computer-readable medium configured to store instructions, which when executed by a processor associated with a virtual private network (VPN) server, configure the processor to: receive, from a user device prior to establishment of a VPN connection between the VPN server and the user device, an initiation request to establish the VPN connection, the initiation request including remote content information indicating remote content that is to be requested by the user device after the VPN connection is established, the remote content being unavailable in a geographic location of the user device; and configure, based at least in part on the remote content information, domain name services (DNS) settings associated with the VPN connection to associate the VPN connection with a remote DNS server that is capable of enabling the VPN server to obtain the remote content after establishment of the VPN connection.
 16. The non-transitory computer-readable medium of claim 15, wherein the processor is configured to select the remote DNS server based at least in part on an association of the remote DNS server with an exchange point located in a location where the remote content is available.
 17. The non-transitory computer-readable medium of claim 15, wherein, the processor is configured to select the remote DNS server based at least in part on determining that the remote DNS server can provide an access IP address of an exchange point capable of enabling the VPN server to obtain the remote content.
 18. The non-transitory computer-readable medium of claim 15, wherein the processor is configured to configure the DNS settings associated with the VPN connection to be associated with a local DNS server that is capable of enabling the VPN server to obtain local content that is available in the geographic location of the user device.
 19. The non-transitory computer-readable medium of claim 15, wherein the processor is configured to: receive, from the remote DNS server, an access IP address of an exchange point capable of enabling the VPN server to obtain the remote content; and transmit, to the exchange point based at least in part on utilizing the access IP address, a request to receive the remote content.
 20. The non-transitory computer-readable medium of claim 15, wherein the processor is configured to: receive, from the user device after establishment of the VPN connection, a local content request for local content that is available in the geographic location of the user device; and transmit, to the user device, the local content that is obtained based at least in part on utilizing a local DNS server. 